Split container management from the management of running processes

Merges !27 (merged) and !28 (merged) made pretty obvious that we have a problem with the way we manage the processes running inside containers.
I would recommend that we start thinking about a way to avoid tracking processes inside the container manager, as a way to clean up our signal/io/cleanup code.

As a first obvious issue, note that !27 (merged) introduced a problem with commands running in existing containers not waiting for all of their IO (@sriduttb, be mindful of that during future experiments).